<?php
require_once '../config.php';
require_once '../dao/dao_db.php';
require_once '../dao/dao_news.php';
session_start();
session_cache_limiter('private');
if($_POST['newstype']!=''){
	$newstype=$_POST['newstype'];
}
if(trim($_POST['newstitle'])!=''){
	$newstitle=$_POST['newstitle'];
}
if(trim($_POST['newscontent'])!=''){
	$newscontent=$_POST['newscontent'];
}
if(isset($_GET['id'])){
	$titleid=$_GET['id'];
}
if(isset($_SESSION['userid'])&&trim($newscontent)!=''){
	if($_SESSION['level']==TEACHER||$_SESSION['level']==ADMINISTRATOR){
		$newsdate=date("Y-m-d");
		$result=save_news($newstitle,$newscontent,$newsdate,$_SESSION['userid'],$newstype);
		mysql_close();
		header("LOCATION:../list_news.php");
	}else{
		header("LOCATION:../error.php?errcode=1");
	}
}elseif (isset($_SESSION['userid'])&&$titleid!=''){
	if($_SESSION['level']==TEACHER||$_SESSION['level']==ADMINISTRATOR){
		$result=check_deleting_news($titleid,$_SESSION['userid']);
		if(mysql_num_rows($result)!=0){
			del_news($titleid);
			mysql_close();
		}
		header("location:../list_news.php");
	}
}else{
	header("location:../login.php");
}

?>